CEBU, Philippines - A global leader in high-performance network security recently released the findings of its threat landscape research for the first quarter of this year, citing the Bitcoin mining botnet ZeroAccess as the number one network security threat.
Fortinet's FortiGuard threat landscape research team observed that ZeroAccess was reported to be the top threat among FortiGate devices worldwide for the threat period of January to March 2013.
Fortinet is a worldwide provider of network security appliances and a market leader in unified threat management.
FortiGuard Labs compiled threat statistics and trends for the first quarter of 2013 based on data collated from FortiGate network security appliances and intelligence systems in production worldwide.
FortiGuard services that help protect against threats on both application and network layers are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats.
According to FortiGuard Labs security strategist and threat researcher Richard Henderson, the growth of new ZeroAccess infections has remained constant as owners have sent their infected hosts 20 software updates in the last 90 days.
"In the first quarter of 2013, we have seen owners of the ZeroAccess botnet maintain and expand the number of bots under its control. As Bitcoin's popularity and value increases, we may see other botnet owners attempt to utilize their botnets in similar fashions or to disrupt the Bitcoin market," he said.
ZeroAccess, primarily used for click fraud and Bitcoin mining, ranked as the number one botnet threat based on the reports from FortiGate devices worldwide.
Since FortiGuard Labs began actively monitoring ZeroAccess in August 2012, the team has seen a staggering 100,000 new infections per week and, recently, almost three million unique IP addresses reporting infections.
It is estimated that ZeroAccess may be generating its owners up to $100,000 per day in fraudulent advertising revenue alone.
Meanwhile, the team's research also covered its analysis of the South Korea cyber attacks and two new Android adware variants that were added to the watch list in the first quarter.
A massive malware attack on South Korean television networks and financial institutions last March caused wide-scale damage, wiping thousands of hard drives.
The team's research showed that the attackers were able to seize control of patch management systems and use the trusted nature of those systems to distribute malware within their targets' networks.
Two new Android adware variants, named Android.NewyearL.B and Android.Plankton.B, posted a large number of global infections in the same threat period.
Both pieces of malware are embedded into various applications and are able to display advertisements, track users through the phone's unique IMEI number and modify the phone's desktop.
FortiGuard Labs senior manager Guillaume Lovet said in a company statement that the surge in Android adware can most likely be attributed to users installing what they believe are legitimate applications that contain the embedded adware code.
Lovet added that the surge also suggests the possibility that an individual or a group is monetizing these infections through illicit advertising affiliate programs.
Officials of FortiGuard Labs advised users to protect themselves by paying close attention to the rights requested by an application at the point of installation.
They are also encouraged to download mobile applications that have been highly rated and reviewed. — Grace Melanie I. Lacamiento (with PR)/JMD (FREEMAN)